The Los Angeles Superior Court has an enormous data and online system that for years remained too vulnerable to hackers. The court began stepping up its monitoring, defenses and response operations less than two years ago, and it belatedly brought on a cybersecurity officer – a standard move for any large organization, public or private – this year.
Six weeks later, the court was hit by a ransomware attack that infected its computer system with damaging software, forcing it to temporarily close. The new security systems spotted the breach early on Friday, July 19, and court personnel who began their workdays early found ransom notes on their devices before 7 a.m. that day. The court remained unavailable to the public until the following Tuesday, and even then, it operated at severely diminished capacity for several more days.
Read more…
Source: Governing
Related:
- The WikiLeaks Hacking Dump Exposed a Big Disconnect Over Cyber Security
March 29, 2017
When WikiLeaks founder Julian Assange disclosed earlier this month that his anti-secrecy group had obtained CIA tools for hacking into technology products made by U.S. companies, security engineers at Cisco Systems swung into action. The WikiLeaks documents described how the Central Intelligence Agency had learned more than a year ago how to exploit flaws in Cisco’s ...
- Germany Fought Off Two Fancy Bear Cyber Attacks in 2016
March 27, 2017
Fears about Russian involvement in European elections, especially after last year’s US election, aren’t exactly unfounded or born out of paranoia. In fact, Germany says it fended off two cyber attacks coming from the same cybercriminals that targeted Hillary Clinton’s campaign. Arne Schoenbohm, a top German official, told Reuters they managed to fight off two attacks ...
- US Critical Infrastructure Cybersecurity Milestone
March 25, 2017
Last week the Idaho National Laboratory (INL) and the Department of Homeland Security (DHS) announced the successful completion of the 100th iteration of the Industrial Control Systems Cybersecurity training on defending systems used across the critical infrastructure sectors. Since April 2007, over 4,000 cybersecurity professionals have participated in the advanced course. These professionals represent all ...
- Senators reintroduce a bill to improve cybersecurity in cars
March 23, 2017
Senators Ed Markey of Massachusetts and Richard Blumenthal of Connecticut have reintroduced the Security and Privacy in Your Car (SPY Car) Act of 2017. They first introduced the bill, along with a similar bill for aircraft, during the last session. The SPY Car Act places the onus for automotive cybersecurity and privacy standards on the shoulders ...
- Cyber Firm at Center of Russian Hacking Charges Misread Data
March 21, 2017
An influential British think tank and Ukraine’s military are disputing a report that the U.S. cybersecurity firm CrowdStrike has used to buttress its claims of Russian hacking in the presidential election. The CrowdStrike report, released in December, asserted that Russians hacked into a Ukrainian artillery app, resulting in heavy losses of howitzers in Ukraine’s war with ...
- Government Cybersecurity Contractor Hit in W-2 Phishing Scam
March 17, 2017
Just a friendly reminder that phishing scams which spoof the boss and request W-2 tax data on employees are intensifying as tax time nears. The latest victim shows that even cybersecurity experts can fall prey to these increasingly sophisticated attacks. On Thursday, March 16, the CEO of Defense Point Security, LLC — a Virginia company that ...